Limiting web based access to Cloudron Apps
-
Hi there,
What options are available to limit web based access to Cloudron Apps?
I know that most Apps does have a Login mask to restrict access to the App. But what if I would like to stop strangers to even reach the login mask? Is there a way to use basic authentication in the reverse proxy?
Best,
Michael -
@Kubernetes said in Limiting web based access to Cloudron Apps:
I know that most Apps does have a Login mask to restrict access to the App. But what if I would like to stop strangers to even reach the login mask? Is there a way to use basic authentication in the reverse proxy?
Do you mean something like setting up .htaccess/.htpasswd from within Cloudron?
-
@nichu42 Yes, exactly. But just for specific Apps.
-
@Kubernetes We are looking into a wireguard/openvpn based solution for this - https://forum.cloudron.io/topic/8269/what-s-coming-in-7-4 (though, unfortunately, it won't be in 7.4 . probably 7.5. 7.4 is mostly getting out all the database upgrades)
-
@girish why is a VPN setup a solution for basic http(s)/proxy auth?
That's like saying we're looking into SFTP access so we can run an SSH proxy to port forward HTTP(s) connections to the app gated by the SSH login.
-
The main reason for my question is to get strangers away from my apps. For smaller home use an VPN would be an acceptable solution. However, I wonder how the SSL Certificates will be created when Let's encrypt is not able to reach the Cloudron Apps?
-
@Kubernetes let's encrypt does not require network reachability when DNS automation is used.
-
@robi most mobile apps will break with htaccess kind of setup
-
@girish okay, I thought this was selective for web based apps that it makes sense to limit in that way, not for the entire cloudron all at once.
For any affected mobile apps, one can use a pw enabled proxy-redirect to a secondary domain of the App.
